Security implications of Bonjour protocol for developers and administrators

Bonjour is a zero-configuration protocol created by Apple to allow easy configuration of devices on a local network. Developers and systems administrators using Bonjour should be aware of these security implications.

Bonjour uses Multicast DNS (mDNS) to provide the ability to perform DNS-like operations on the local link in the absence of any conventional Unicast DNS server. Bonjour requires little or no administration or configuration to set up. It works when no infrastructure is present, and it works during infrastructure failures. This design assumes cooperation of participants. In a hostile environment other mechanisms must be used to ensure the cooperation of participants or to distinguish untrusted Multicast DNS messages.

In wireless environments, WPA2-PSK or better encryption should be used to ensure only trusted parties are active on the network. In open network environments (e.g., Wi-Fi hotspots) administrators should implement appropriate mitigations.

These mitigations might include:

advertising services using unicast Wide-Area Bonjour, configured manually or automatically using one of the emerging Bonjour Hybrid Proxy gateway products; or

using other Bonjour gateway products available from Wi-Fi access point vendors.

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Risks are inherent in the use of the Internet. Contact the vendor for additional information. Other company and product names may be trademarks of their respective owners.